5 changed files with 22 additions and 131 deletions
--- a/provision-pinky/firecracker.yml
+++ b/provision-pinky/firecracker.yml
@ -1,57 +0,0 @@
 # Setup Firecracker for VMs
 - name: Firecracker
  hosts: servers
  become_method: ansible.builtin.sudo
  become: true
  tasks:
    - name: Get firecracker
      become: false
      ansible.builtin.get_url:
        url: https://github.com/firecracker-microvm/firecracker/releases/download/v1.7.0/firecracker-v1.7.0-aarch64.tgz
        dest: ~ralsina/firecracker.tgz
        mode: '0644'
    - name: Get kernel
      become: false
      ansible.builtin.get_url:
        url: https://s3.amazonaws.com/spec.ccfc.min/img/quickstart_guide/aarch64/kernels/vmlinux.bin
        dest: ~ralsina/vmlinux.bin
        mode: '0644'
    - name: Get root image
      become: false
      ansible.builtin.get_url:
        url: https://s3.amazonaws.com/spec.ccfc.min/img/quickstart_guide/aarch64/rootfs/bionic.rootfs.ext4
        dest: ~ralsina/bionic.rootfs.ext4
        mode: '0644'
    - name: Unpack firecracker
      become: false
      ansible.builtin.unarchive:
        src: ~ralsina/firecracker.tgz
        dest: ~ralsina
        remote_src: true
    - name: Install firecracker
      become: true
      ansible.builtin.command:
        cmd: mv /home/ralsina/release-v1.7.0-aarch64/firecracker-v1.7.0-aarch64 /usr/bin/firecracker
        creates: /usr/bin/firecracker
    - name: Setup systemd unit for firecracker
      become: true
      ansible.builtin.copy:
        dest: /etc/systemd/system/firecracker.service
        content: |
          [Unit]
          Description=Firecracker VM Manager
          [Service]
          Type=simple
          ExecStart=/usr/bin/firecracker --api-sock /tmp/firecracker.socket
          Restart=always
          [Install]
          WantedBy=default.target
        mode: '0644'
    - name: Start and enable service
      become: true
      ansible.builtin.service:
        name: firecracker
        state: started
        enabled: true
--- a/provision-pinky/hosts
+++ b/provision-pinky/hosts
@ -1,16 +1,6 @@
 [servers]
-pinky 
+pinky ansible_user=ralsina
-rocky
+rocky ansible_user=ralsina
-[faas]
+[servers:vars]
 lawn
 [interactive]
 pinky
 rocky
 lawn
 [all:vars]
 ansible_user=ralsina
 ansible_connection=ssh  
 ansible_python_interpreter=/usr/bin/python3
--- a/provision-pinky/server.yml
+++ b/provision-pinky/server.yml
@ -1,54 +0,0 @@
 # Setup basic server stuff
 - name: Basic Server Setup
  hosts: servers
  become_method: ansible.builtin.sudo
  tasks:
    - name: Install some packages
      become: true
      ansible.builtin.package:
        name:
          - docker
          - docker-compose
          - btrfs-progs
          - qemu-system-arm
          - qemu-utils
        state: present
    - name: Install Debian-specific packages
      become: true
      when: ansible_os_family == 'Debian'
      ansible.builtin.apt:
        name:
          - qemu-efi-aarch64
          - net-tools
        state: present
    - name: Start and enable service docker
      become: true
      ansible.builtin.service:
        name: docker
        state: started
        enabled: true
    - name: Add ralsina to docker group
      become: true
      ansible.builtin.user:
        name: ralsina
        groups: docker
        append: true
    - name: Configure Docker
      become: true
      ansible.builtin.copy:
        dest: /etc/docker/daemon.json
        mode: '0644'
        content: |
          {
            "data-root": "/data/docker"
          }
      notify:
        - Restart Docker
  handlers:
    - name: Restart Docker
      become: true
      ansible.builtin.service:
        name: docker
        state: restarted
--- a/provision-pinky/setup_user.yml
+++ b/provision-pinky/setup_user.yml
@ -1,6 +1,6 @@
 # Setup my user with some QoL packages and settings
 - name: Basic Setup
-  hosts: interactive
+  hosts: servers
  become_method: ansible.builtin.sudo
  tasks:
    - name: Install some packages
@ -22,7 +22,6 @@
        name:
          - ncurses-term
        state: present
        update_cache: true
    - name: Add the user ralsina
      become: true
      ansible.builtin.user:
--- a/reverse_proxy/nginx.conf
+++ b/reverse_proxy/nginx.conf
@ -7,7 +7,6 @@ server {
  location / {
      proxy_pass http://pinky.ralsina.github.beta.tailscale.net:8080;
      proxy_set_header X-Forwarded-Host $http_host;
      proxy_set_header Host            $host;
  }
  error_page 500 502 503 504 /custom_50x.html;
  location = /custom_50x.html {
@ -25,7 +24,6 @@ server {
  location / {
      proxy_pass http://pinky.ralsina.github.beta.tailscale.net:8086;
      proxy_set_header X-Forwarded-Host $http_host;
      proxy_set_header Host            $host;
  }
  error_page 500 502 503 504 /custom_50x.html;
  location = /custom_50x.html {
@ -43,7 +41,6 @@ server {
  location / {
      proxy_pass http://pinky.ralsina.github.beta.tailscale.net:3000;
      proxy_set_header X-Forwarded-Host $http_host;
      proxy_set_header Host            $host;
  }
  error_page 403 404 500 502 503 504 /custom_50x.html;
  location = /custom_50x.html {
@ -70,7 +67,6 @@ server {
  location / {
      proxy_pass http://pinky.ralsina.github.beta.tailscale.net:7777;
      proxy_set_header X-Forwarded-Host $http_host;
      proxy_set_header Host            $host;
  }
  location /stream {
@ -131,6 +127,23 @@ server {
  }
 }
 server {
  listen 8080;
  listen [::]:8080;
  server_name social.ralsina.me;
  location / {
      proxy_pass http://pinky.ralsina.github.beta.tailscale.net:3003;
      proxy_set_header X-Forwarded-Host $http_host;
      # WebSocket support
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
  }
 }
 server {
  listen 8080;
  listen [::]:8080;